HPE Community
Operating System - HP-UX
1832897 Members
2896 Online
110048 Solutions
New Discussion

nslookup - hide ip address

 
Byun Hee Joong
Contributor

‎03-17-2006 11:34 PM

‎03-17-2006 11:34 PM

nslookup - hide ip address

Server : L1000
O/S : 11.11
Bind : 9.2

Generally, when we test nslookup
We can see server ip-adress like below

C:\>nslookup www.yahoo.com
Server: kns.kornet.net
Address: 168.126.63.1

Non-authoritative answer:
Name: www.yahoo.akadns.net
Addresses: 66.94.230.39, 66.94.230.37, 66.94.230.50, 66.94.230.35
66.94.230.32, 66.94.230.47, 66.94.230.42, 66.94.230.75
Aliases: www.yahoo.com

But, When a client type nslookup
I want to hide server ip-address.

Is it possible?
How can I hide server ip-address?

Please tell me how to setup at server part.

0 Kudos
Reply
5 REPLIES 5
Cheryl Griffin
Honored Contributor

‎03-18-2006 01:25 AM

‎03-18-2006 01:25 AM

Re: nslookup - hide ip address

It's not possible. Maybe you need to restrict the client from running nslookup.

How does the client connect to your machine?
"Downtime is a Crime."
0 Kudos
Reply
Senthil Kumar .A_1
Honored Contributor

‎03-18-2006 05:33 AM

‎03-18-2006 05:33 AM

Re: nslookup - hide ip address

Hi,

The query, defeats the very purpuse why you have DNS. DNS is indeed used for resolving the hostname into IP address, and nslookup is one of the troubleshooting utility to see whether you nameservice lookup is fine or not. It does transperantely, what other network program's acheive by using gethostbyname() function. So your question is contradicting the purpose of name resolution.

As pointed previously, you can disable just the usage of the nslookup utility in the client machine.

Regards,
Senthil Kumar .A
Let your effort be such, the very words to define it, by a layman - would sound like a "POETRY" ;)
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎03-18-2006 08:00 AM

‎03-18-2006 08:00 AM

Re: nslookup - hide ip address

Shalom,

Due to security concerns nslookup has been deprecated in Linux and perhaps someday in Unix as well.

Its designed with trust in mind. To hide your machine from nslookup, it should be off the network entirely.

If you control the client side, have nslookup blocked or removed as advised earlier.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎03-18-2006 12:42 PM

‎03-18-2006 12:42 PM

Re: nslookup - hide ip address

The simplest way is to disable DNS completely. Then add important hostnames into the /etc/hosts file. Just remove the file /etc/resolv.conf and now your DNS server(s) will no longer be available to your local system.

It sounds as if you have security concerns. If so, consider removing shell access to the problem users. Give them a simple menu script as their shell and do not give an option to run nslookup.


Bill Hassell, sysadmin
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎03-19-2006 09:23 PM

‎03-19-2006 09:23 PM

Re: nslookup - hide ip address

Hope you can use hosts: entry in /etc/nsswitch.conf file with files only. files will make hostname lookup only with /etc/hosts only.

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.